aboutsummaryrefslogtreecommitdiff
path: root/gnu
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2015-11-12 11:45:23 +0100
committerLudovic Courtès <ludo@gnu.org>2015-11-12 11:49:18 +0100
commit0086ec733c9a968da1f817c3004b4e8742ab4f4d (patch)
treec8d11491e4926bae01d3bf19faeb00324e194012 /gnu
parentbd7dfafaa37fa26d47ac2d681b3b1a278663e9e2 (diff)
downloadguix-0086ec733c9a968da1f817c3004b4e8742ab4f4d.tar
guix-0086ec733c9a968da1f817c3004b4e8742ab4f4d.tar.gz
gnu: sudo: Upgrade to 1.8.15 [fixes CVE-2015-5602].
* gnu/packages/admin.scm (sudo)[arguments]: Add CPPFLAGS to #:configure-flags. In 'pre-configure' phase, modify 'sudo_usage.h.in'. Add pattern to remove '-o 0 -g 0' installation flag in 'Makefile.in', and remove pattern for '-O 0 -G 0'. Remove modifications of 'configure'.
Diffstat (limited to 'gnu')
-rw-r--r--gnu/packages/admin.scm31
1 files changed, 20 insertions, 11 deletions
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index 6aca8570c0..7fbc9fdc30 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -647,7 +647,7 @@ system administrator.")
(define-public sudo
(package
(name "sudo")
- (version "1.8.10p3")
+ (version "1.8.15")
(source (origin
(method url-fetch)
(uri
@@ -657,22 +657,31 @@ system administrator.")
version ".tar.gz")))
(sha256
(base32
- "002l6h27pnhb77b65frhazbhknsxvrsnkpi43j7i0qw1lrgi7nkf"))))
+ "0263gi6i19fyzzc488n0qw3m518i39f6a7qmrfvahk9j10bkh5j3"))))
(build-system gnu-build-system)
(arguments
- `(#:configure-flags '("--with-logpath=/var/log/sudo.log"
- "--with-rundir=/run/sudo"
- "--with-vardir=/var/db/sudo"
- "--with-iologdir=/var/log/sudo-io")
+ `(#:configure-flags
+ (list "--with-logpath=/var/log/sudo.log"
+ "--with-rundir=/run/sudo"
+ "--with-vardir=/var/db/sudo"
+ "--with-iologdir=/var/log/sudo-io"
+
+ ;; 'visudo.c' expects _PATH_MV to be defined, but glibc doesn't
+ ;; provide it.
+ (string-append "CPPFLAGS=-D_PATH_MV='\""
+ (assoc-ref %build-inputs "coreutils")
+ "/bin/mv\"'"))
#:phases (alist-cons-before
'configure 'pre-configure
(lambda _
- (substitute* "configure"
- ;; Refer to the right executables.
- (("/usr/bin/mv") (which "mv"))
- (("/usr/bin/sh") (which "sh")))
+ (substitute* "src/sudo_usage.h.in"
+ ;; Do not capture 'configure' arguments since we would
+ ;; unduly retain references, and also because the
+ ;; CPPFLAGS above would close the string literal
+ ;; prematurely.
+ (("@CONFIGURE_ARGS@") "\"\""))
(substitute* (find-files "." "Makefile\\.in")
- (("-O [[:graph:]]+ -G [[:graph:]]+")
+ (("-o [[:graph:]]+ -g [[:graph:]]+")
;; Allow installation as non-root.
"")
(("^install: (.*)install-sudoers(.*)" _ before after)